This question is similar to this one but doing x-accel-redirect
on aws s3
resource. The former tried to set the upstream headers to the local request. This works fine. But now i have moved my contents to the amazon s3 and i wanted to implement the same restricted download to the s3 objects.
This is my nginx config
proxy_pass_header X-Accel-Redirect;
passenger_pass_header X-Accel-Redirect;
location ~* ^/download_zip/(.*) {
internal;
resolver 8.8.8.8 valid=300s;
proxy_buffering off;
proxy_set_header Content-Length "";
proxy_set_header Cookie "";
proxy_hide_header x-amz-request-id;
proxy_hide_header x-amz-meta-uid;
proxy_hide_header x-amz-id-2;
proxy_hide_header x-amz-meta-mode;
proxy_hide_header x-amz-meta-mtime;
proxy_hide_header x-amz-meta-gid;
proxy_hide_header x-amz-version-id;
proxy_hide_header accept-ranges;
# Do not touch local disks when proxying
# content to clients
proxy_method GET;
proxy_pass_request_body off;
proxy_max_temp_file_size 0;
proxy_pass_header Content-MD5;
add_header Content-MD5 $upstream_http_content_md5;
# proxy_set_header Content-MD5 "123123123123123";
proxy_pass https://a_b_c_assets.s3-east.amazonaws.com/$1$is_args$args;
}
and the rails part is
headers['X-Accel-Redirect'] = '/download_zip/uploads/' + params[:story_id] +'/' + params[:story_id] + '.zip?' + secure_part
headers['X-Accel-Expires'] = 'max'
headers['Content-MD5'] = checksum
Everything works fine except the Content-MD5
is not passed to the proxied request.
Any help is really appreciated.
Another similar question here
proxy_pass_header X-Accel-Redirect;
passenger_pass_header X-Accel-Redirect;
# this is intermediate location that stores header
# to variable and rewrites to another location
location ^~ /download_zip/ {
internal;
set $Content_MD5 $upstream_http_content_md5;
rewrite ^/(.+) /amazon_$1;
}
location ^~ /amazon_download_zip/ {
internal;
resolver 8.8.8.8 valid=300s;
proxy_buffering off;
proxy_set_header Content-Length "";
proxy_set_header Cookie "";
proxy_hide_header x-amz-request-id;
proxy_hide_header x-amz-meta-uid;
proxy_hide_header x-amz-id-2;
proxy_hide_header x-amz-meta-mode;
proxy_hide_header x-amz-meta-mtime;
proxy_hide_header x-amz-meta-gid;
proxy_hide_header x-amz-version-id;
proxy_hide_header accept-ranges;
# Do not touch local disks when proxying
# content to clients
proxy_method GET;
proxy_pass_request_body off;
proxy_max_temp_file_size 0;
proxy_pass_header Content-MD5;
add_header Content-MD5 $Content_MD5;
proxy_pass https://a_b_c_assets.s3-east.amazonaws.com/;
}